Closed Bug 104889 Opened 23 years ago Closed 23 years ago

No security checks for window.close()

Categories

(SeaMonkey :: General, defect)

x86
Linux
defect
Not set
critical

Tracking

(Not tracked)

RESOLVED DUPLICATE of bug 32571

People

(Reporter: kitame, Assigned: asa)

Details

Mozilla doesn't do any security checks for window.close()/top.close().
Netscape 4.x/IE only allow window.close()/top.close() without
confirmation if the history for the context of the page is empty.  If
the history isn't empty (that is: going 'Back' would be possible)
Netscape 4.x/IE pop up a dialog which ask the user whether to close
the window.


Steps to reproduce:

* Create two pages:

  ,----[ foo.html ]
  | <body onLoad="window.close()"></body>
  `----

  ,----[ bar.html ]
  | <a href="foo.html">Close Window</a>
  `----

* Start mozilla

* Load bar.html

* Click onto the 'Close Window' link

=> Mozilla closes the window (and exits).

The correct behavior would be to pop up a confirmation dialog which asks
whether to really close the window.

*** This bug has been marked as a duplicate of 32571 ***
Status: UNCONFIRMED → RESOLVED
Closed: 23 years ago
Resolution: --- → DUPLICATE
Product: Browser → Seamonkey
You need to log in before you can comment on or make changes to this bug.